Topics

Europrivacy.info has fulfilled its task of preparing Italian companies for the impact of the GDPR. We started publishing our interpretations of the law well before the final text was approved (in 2015), and we organized dozens of public conferences and debates, even with the Data Protection Authority. We consider this task concluded with 316 posts.

We have therefore decided to close the blog on 12/31/2018, thanking the authors and our readers for their support and sympathy.

The content on this website is classified into different categories/topics. In particular:

This topic covers all aspects related to the DPO: for example, what the professional characteristics of the DPO are, how to recruit a good DPO, how the DPO should organize his/her job, where the roles of DPO and CISO intersect, etc.

In this section we discuss the organizational and technical actions appropriate for implementing organizational and technical processes to identify, reduce and mitigate the risks that threaten personal information, also considering the costs of implementation.

This topic covers all aspects related to the Data Breach: for example, how to define a correct organizational process to manage a data breach, how to estimate the brand and reputation damage if an incident is disclosed, which contractual clauses to put in contracts with vendors, and how to manage communication on social networks during the response to a data breach.

This principle is already in the current Directive, but it is now introduced as a specific, stand-alone concept, so it is fundamental to discuss the new approach that every internal workflow must have in the future in order to comply with the Regulation's principles.

Any other subject that does not fall within the topics Legal Framework, Roles, and Liability, Data Protection Officer, Impact Risks and Measures, Data Breach, Privacy by Design and Sanctions can be written in this category.